ICWAI IS

ERP

Functions Of Enterprise

Sales Human resources

Engineering Design

Inventory

Enterprise

Production Planning

Finance Quality legal Maintenance

Controlling

Business Process
A business process is a sequence of activities followed by individuals in a business to achieve some business goal.

Often these are manual activities executed by employees who play certain roles in the business in addition to others who are external to the business: customers, business partners, etc.

Systems from a Functional Perspective

Examples of Business Processes
Functional Area
Manufacturing and production

Business Process

Assembling the product Checking for quality Producing bills of materials

Identifying customers Making customers aware of the product Selling the product Paying creditors Creating financial statements Managing cash accounts Hiring employees Evaluating employees job performance Enrolling employees in benefits plans

Sales And Marketing

Finance and accounting

Human resources

Categories Of Information System

Enterprise Systems

Enterprise systems, also known as enterprise resource planning (ERP) systems, provide a single information system for organizationwide coordination and integration of key business processes. Information that was previously fragmented in different systems can seamlessly flow throughout the firm so that it can be shared by business processes in manufacturing, accounting, human resources, and other areas.
6

Enterprise Resource Planning ERP

ERP or Enterprise Resource Planning systems are software systems for businesses management encompassing modules supporting functional areas such as sales and marketing, finance, production, distribution accounting, human resource management, maintenance, inventory management, project management, transportation and ebusiness etc. Business strategy and set of industry-domain-specific applications that build customer and shareholder communities value network system by enabling and optimizing enterprise and inter-enterprise collaborative operational and financial processes (Source: Gartners Research Note SPA-12-0420)

ERP Software

Software solution that addresses the Enterprise needs, taking a process view of the overall organization to meet the goals, by tightly integrating all functions and under a common software platform
ERP is a commodity -- product in the form of software SAP, Oracle Applications, PeopleSoft, JD Edwards, Great plains etc. are worlds leading ERP packages
8

Challenges of Enterprise Systems

Difficult to build: Require fundamental changes in the way the business operates Technology: Require complex pieces of software and large investments of time, money, and expertise Centralized organizational coordination and decision making: Not the best way for the firms to operate
9

Prime Reasons for Implementing ERP

Need for common platform

Process improvement. Data visibility that could be used to improve operating decisions. Operation cost reductions. Increased customer responsiveness. Improved strategic decision making Personal Improvement
10

BPR & ERP

Just automating the existing business practices will not help ERP to achieve the anticipated results because, OO + NT = EOO
'OO + NT = EOO' (Old Organisation + New Technology = Expensive Old Organisation

Business Process Re-engineering [BPR] brings out the deficiencies of the existing setup BPR and ERP will give way to implement new systems and the long pending improvements in the existing systems BPR may be time consuming but the scope can be restricted & controlled by the Management

11

ERP Execution phases

ERP product selection Preparations Production Implementation Post-Implementation

12

How should we implement ERP systems

Obtain the right mix of people, processes and technology!!

13

Vendors

14

ICWAI IS

Information System Control

15

What is security?

Prevention: take measures that prevent

your assets from being damaged.

Detection: take measures so that you can

detect when, how, and by whom an asset has been damaged.

Reaction: take measures so that you can

recover your assets or to recover from a damage to your assets
16

Threats toand Computerized System Vulnerability Abuse

Systems

Information

Hardware failure Software failure Personnel actions Terminal access penetration Theft of data, services, equipment

Fire Electrical problems User errors Unauthorized program changes Telecommunication problems

17

SYSTEM VULNERABILITY AND ABUSE

Disaster
Destroys computer hardware, programs, data files, and other equipment

Security
Prevents unauthorized access, alteration, theft, or physical damage

Errors
Cause computers to disrupt or destroy organizations record-keeping and operations
18

System Quality Problems: Software and Data

Data Quality Problems

Caused due to errors during data input or faulty information system and database design

19

Controls
Methods, policies, and procedures that ensure protection of organizations assets Ensure accuracy and reliability of records, and operational adherence to management standards

20

Establishing a Framework for Security and Control

Application controls
Specific controls unique to each computerized application, such as payroll or order processing Include both automated and manual procedures

Ensure that only authorized data are completely and accurately processed by that application
Include: Input controls Processing controls Output controls

21

Risk Assessment

Determines level of risk to firm if specific activity or process is not properly controlled
Types of threat Probability of occurrence during year

Potential losses, value of threat

Expected annual loss
EXPOSURE PROBABILITY LOSS RANGE EXPECTED ANNUAL LOSS $30,750 $1,275 $19,698

Power failure Embezzlement User error

30% 5% 98%

$5K - $200K $1K - $50K $200 - $40K

22

High Availability High-availability computing: Tools and

technologies enabling system to recover quickly from a crash. Fault Tolerant system

Disaster recovery plan: Runs business in

event of computer outage

Load balancing: Distributes large number of

requests for access among multiple servers
23

Access Control

Access control: Consists of all the policies and procedures a company uses to prevent improper access to systems by unauthorized insiders and outsiders

Authentication: Passwords Tokens, smart cards Biometric authentication

24

Identification

Identification

Method of establishing the subjects (user, program, process) identity.

Use of user name or other public information. Know identification component requirements.

25

Authentication

Authentication

Method of proving the identity.

Something a person is, has, or does. Use of biometrics, passwords, passphrase, token, or other private information.

Strong Authentication is important

26

Authorization

Authorization

Determines that the proven identity has some set of characteristics associated with it that gives it the right to access the requested resources.

27

Authorization

Access Criteria can be thought of as:

Roles Groups Location Time Transaction Types

28

Data Error Detection

Check digits, appended to the end of a long number can provide some protection against data input errors.

The last character of UPC barcodes and ISBNs are check digits.

Longer data streams require more economical and sophisticated error detection mechanisms. Cyclic redundancy checking (CRC) codes provide error detection for large blocks of data.
29